package com.csi.bumblebee.interceptor;

import com.csi.bumblebee.mapper.ManageMapper;
import com.csi.bumblebee.util.JwtUtil;
import org.json.JSONObject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpMethod;
import org.springframework.stereotype.Component;
import org.springframework.util.AntPathMatcher;
import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

/**
 * 拦截器
 *
 * @author HUOJT
 */
@Component
@CrossOrigin
public class MyInterceptor implements HandlerInterceptor {

    @Autowired
    private ManageMapper manageMapper;

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {

        /*response.setContentType("application/json;charset=utf-8");

        //定义权限验证失败的JSON
        Map<String,Object> map = new HashMap<>() ;
        map.put("code",500) ;
        map.put("msg","权限不足") ;
        JSONObject jsonObject = new JSONObject(map) ;

        //定义token验证失败的JSON
        Map<String,Object> tokenMap = new HashMap<>() ;
        tokenMap.put("code",88888) ;
        tokenMap.put("msg","token验证失败") ;
        JSONObject tokenJsonObject = new JSONObject(tokenMap) ;

        response.setHeader("Access-Control-Allow-Origin", "*");
        response.setHeader("Access-Control-Allow-Headers","*");
        response.setHeader("Access-Control-Allow-Methods","*");
        response.setHeader("Access-Control-Allow-Credentials","true");
        response.setHeader("Access-Control-Max-Age","360000");

        if (HttpMethod.OPTIONS.toString().equals(request.getMethod())) {
            response.setStatus(HttpServletResponse.SC_OK);
            System.out.println("跨域问题");
            return false;
        }

        AntPathMatcher antPathMatcher = new AntPathMatcher();

        //获取路径
        String requestPath = request.getServletPath();

        System.out.println("路径:"+requestPath);

        //获取前端传输的用户Id
        String id = request.getHeader("id");
        System.out.println("用户"+id);

        //验证token
        String token = request.getHeader("token");

        System.out.println("token: " + token);

        if (!JwtUtil.parseToken(token)){

            response.getWriter().write(tokenJsonObject.toString());
            response.getWriter().close();
            System.out.println("token 验证不通过");
            System.out.println(requestPath);
            return false;
        }

        if ("".equals(id) || id == null){
            System.out.println("前面未放行");

            response.getWriter().write(jsonObject.toString());

            response.getWriter().close();

            return false;
        }

        //获取用户请求的方式
        String requestMethod = request.getMethod();
        System.out.println("请求方式"+requestMethod);

        List<String> requestPathList = manageMapper.findRequestPath(id, requestMethod);

        //循环用户所拥有的的权限
        for (String s : requestPathList) {

            //如果用户所拥有的的权限中含有发起的请求路径就放行
            if (antPathMatcher.match(s, requestPath)) {
                System.out.println("放行了");
                return true;
            }
        }

        response.getWriter().write(jsonObject.toString());
        response.getWriter().close();
        System.out.println("后面未放行");*/

        return true;
    }

}
